Jump to content


Emsisoft Employee
  • Posts

  • Joined

  • Last visited

  • Days Won


Posts posted by Elise

  1. There is a difference between the Web Protection in Emsisoft Anti-Malware and the browser extension. If we're talking about the Web Protection, then we either block the entire domain or not. The browser extension can be a bit more nuanced in this respect due to the way it works. That means for example, if someone uploads a phishing page to an otherwise legitimate hoster, we won't block the entire domain, which is a good thing if you consider that for example Dropbox or Amazon AWS are used as well for that.

  2. Hello,

    In Emsisoft Anti-Malware, click on Web Protection (under Protection). In the window that opens, click on Add Rule. Under Host add the site you want to allow and under "Implemented Actions" you can set what to do with that site. Click OK and you should have a new rule for the site.

  3. As far as I know these updates will only show up as optional. Most normal computer users will just rely on Windows installing updates automatically and will rarely check the Windows Update settings page.

    Right now I have an optional preview of KB4601382 for example. I can install that manually, but Windows won't do it automatically until the next patch Tuesday. 

    It's good to realize that preview updates (which you can get a little earlier than normal updates) and preview builds (which you can get when you're part of the Windows Insiders program) are really different things. It's normal to see the former on Windows, but the latter you should only see when you are registered for Insider builds.

    • Upvote 1
  4. Hello,

    The posts you found are more than 5 years old. In terms of security software that means the information there is severely outdated. In the past years considerable changes have been made to our products and currently Emsisoft Anti-Malware protects against fileless malware.

    Fileless malware detection has nothing to do with the reputation settings you asked about; our behavior blocker routines were adapted to adequately detect and block fileless malware a few years ago.


    • Thanks 1
    • Upvote 1
  5. Hello,

    No, Emsisoft Anti-Malware should be enough. It will detect keylogging attempts through it's behavior blocker. To be safe, especially against phishing attempts online it is recommended to also install the free Emsisoft Browser Security extension.

    • Thanks 1
  6. Hello,

    The short answer here is "no" (if no information was shared). It will depend on what they were playing on xBox, but it is possible for someone in a multiplayer game to see the IP address of other players. A simple lookup of that address will show your location. That is not an exact address, but just a general indicator (city/state). 

    However that information does not give anyone the possibility to manipulate your internet access. Access is managed by your ISP, so if your internet was not working it probably was a coincidence. You could contact your ISP to see if they have any information about a possible outage.

  7. This has not changed. The article also states clearly at the start:


    It is common for IT administrators to want to disable IPv6. This is often because of some unknown, networking-related issue, such as a name resolution issue.

    Important Internet Protocol version 6 (IPv6) is a mandatory part of Windows Vista and Windows Server 2008 and newer versions. We do not recommend that you disable IPv6 or its components. If you do, some Windows components may not function.


  8. The short answer to that is: no. It can be broken by malware (as in: won't run) or blocked (a replacement is attempted but after a reboot the original bad file is back), but that is about it.

    That being said, malware doesn't need to manipulate it, if it can just circumvent it. If a system is infected and a replaced system file has sufficient permissions to fool Windows into thinking it is legitimate (this typically is rootkit-level), you can run SFC all you want and Windows will report everything is fine, while in fact you can have one or more infected system files. So running SFC is not a malware scan nor should it be used as such.

  9. Unfortunately I can't access that topic. I have checked the files and I suspect the issue is with the powershell script (mal.ps1). A script like that one is usually the result of being dropped by other malware or ending up on the system using exploit code, which will be blocked. To simulate that correctly in a test you would need to find out what malware dropped this script and run that instead.

    • Upvote 1
  • Create New...